Create a Coherence Cluster in a Private Subnet

When you use Oracle Coherence Cloud to create a cluster and assign the Oracle Coherence compute instances to a private subnet, the instances are not accessible from the public Internet.

If you assign a private subnet, then the compute instances can not be directly accessed from outside of Oracle Cloud. Oracle Coherence Cloud creates a bastion compute instance on a public subnet, and from this bastion you can manage and access the Oracle Coherence compute instances. See Connectivity Choices in the Oracle Cloud Infrastructure documentation.

Topics:

Launch a Stack

Sign in to the Oracle Cloud Infrastructure Console.
Click the navigation menu and select Marketplace.
Select the Coherence Cloud Edition application from the list of available applications.
On the selected application page, the version is set to 14.1.1.0.0 which is the default version.
Select the compartment in which to create the stack.
Select the Terms and Restrictions check box, and then click Launch Stack. The Create Stack wizard is displayed.

Specify Stack Information

Specify the name, description, and tags for the stack.

On the Stack Information page of the Create Stack wizard, enter a name for your stack.
Optionally, enter the description and specify one or more tags for your stack.
Click Next. The Configure Variables page is displayed.

Configure Coherence Cluster Parameters

Specify the parameters needed to configure the Coherence cluster.

In the Coherence Cluster section, enter the resource name prefix. This prefix is used by all the created resources.
Select the Coherence shape for the compute instances.
Enter the SSH public key.
Select the availability domain where you want to create the Coherence compute instances.
Select the number of Coherence compute instances.

Configure Coherence Network Parameters

Define the Virtual Cloud Network (VCN) and subnet cofiguration for a private Coherence cluster.

In the Coherence Network section of the Configure Variables page, select a Virtual Cloud Network (VCN) strategy:
- Select Create New VCN, and then enter a name and CIDR for the new VCN.
- Select Use Existing VCN, and then select the name of the existing VCN.
Select one of the following subnet strategies:
- Create New Subnet
- Use Existing Subnet
  
  Note:
  If you are creating a new VCN, you cannot use an existing subnet. You can only create a new subnet.
For subnet type, select Use Private Subnet.
Select the subnet span:
- Regional Subnet. This subnet has resources in a region's multiple availability domains, and is not specific to any one availability domain.
- AD Specific Subnet. The subnet is defined in one particular availability domain.
For the Coherence subnet, specify one of the following:
- If you want to use an existing regional subnet, then choose the name of a regional subnet from the list of existing subnets for Coherence.
- If you want to use an existing availability domain-specific subnet, then choose the name of an availability domain-specific subnet from the list existing subnets for Coherence.
- If you are creating a new regional or availability domain-specific subnet, then specify a CIDR for the new subnet.
For the bastion host subnet, specify one of the following:
- If you are using an existing regional or availability domain-specific subnet, then choose the name of a regional or availability domain-specific subnet from the list of existing subnets for the bastion host.
- If you are creating a new regional or availability domain-specific subnet, specify a CIDR for the new subnet.

Create the Stack and Instantiate the Cluster

After you have specified the Coherence cluster variables and network parameters, create the stack.

On the Review page of the Create Stack wizard, review the information you have provided, and click Create. This creates a plan that you can use to build the Coherence Cluster.

On the Stack Details page, click the Terraform Actions drop-down menu and select Apply. This instantiates the Coherence cluster. The Job Details page in Resource Manager is displayed. Periodically monitor the progress of the Apply job until it is finished.

Access and Manage Your New Cluster in a Private Subnet

After creating a stack with Oracle Coherence Cloud, access and manage your new cluster in a private subnet by using Secure Shell (SSH) client software to establish a secure connection.

After creating your cluster:

View and manage the cloud resources that were created to support your cluster. See View the Cloud Resources for a Cluster.
Access your cluster in a private subnet.
Oracle Coherence compute instances assigned to a private subnet are not accessible from the public Internet. To access the Coherence cluster, you can use the bastion instance that is created on a public subnet and dynamic port forwarding with a secure shell (SSH) utility.
1. Sign in to the Oracle Cloud Infrastructure Console.
2. From the navigation menu, click Compute, then click Instances.
3. From the Compartment drop-down, select the compartment in which your cluster is created.
4. Click the name of the bastion instance that's associated with your cluster.
  The bastion instance is identified by resourcename-bastion-instance. For example, abcde7xy-bastion-instance.
5. Copy the public IP address value, such as 198.51.100.1.
6. To access your cluster on a private subnet, copy your SSH private key from your local machine to the bastion host. For instance,
```
scp -i ~/.ssh/my-private-key ~/.ssh/my-private-key opc@198.51.100.1:/home/opc/.ssh
```
7. From your computer, open an SSH client and log in to the bastion node as the opc user. Provide the path to the private key that corresponds to the public key that you specified when you created the cluster. The SSH command format is:
```
ssh -i path_to_private_key opc@bastion_public_ip
```
  For example:
```
ssh -i ~/.ssh/my-private-key opc@198.51.100.1
```
8. After logging in to the bastion host, you can SSH into the cluster instances on the private subnet as shown in the following example:
```
ssh -i ~/.ssh/my-private-key opc@10.0.0.1
```